exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-07-14

iSmartAlarm CubeOne Remote Command Execution
Posted Jul 14, 2017
Authored by Ilia Shnaidman

iSmartAlarm CubeOne suffers from a remote command execution vulnerability that allows disabling the alarm and setting it off.

tags | exploit, remote
advisories | CVE-2017-7728
SHA-256 | 4430cd29b879fd0975002c47989434a03744c202fb70efe80eea72dbabd51292
Ubuntu Security Notice USN-3353-2
Posted Jul 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3353-2 - USN-3353-1 fixed a vulnerability in Heimdal. This update provides the corresponding update for Samba. Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Samba clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network servers or perform other attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-11103
SHA-256 | a459fdb8a6a1a92ac53e727a0c759b4b6fb90e95c344e1abc3d9aad978ed05ba
Ubuntu Security Notice USN-3353-1
Posted Jul 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3353-1 - Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Heimdal clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network services or perform other attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-11103
SHA-256 | e52276393cab19ea039b4059f324c242fe0308ee69241319d25ff56c997063fa
Cisco DDR2200 / 2201v1 Insecure Direct Object Reference / Path Traversal
Posted Jul 14, 2017
Authored by The Gambler

Cisco DDR2200 and 2201v1 ADSL2+ Residential Gateway devices suffer from insecure direct object reference vulnerabilities that allow for remote code execution as well as a path traversal issue.

tags | exploit, remote, vulnerability, code execution, bypass, file inclusion
systems | cisco
SHA-256 | 7653bf6d69854327291ba03c42436923b5ed5b87b1ea493bea7feccbee2bd185
WDTV Live SMP Remote Password Reset
Posted Jul 14, 2017
Authored by Sw1tCh

WDTV Live suffers from a remote SMP password reset vulnerability.

tags | exploit, remote
SHA-256 | adf823f3fce3f792bea062367944f3a2c224fff3b6c5a0a5c1b4888072593ee5
Counter Strike: Condition Zero Code Execution
Posted Jul 14, 2017
Authored by Grant Hernandez

Counter Strike: Condition Zero .BSP map file code execution exploit.

tags | exploit, code execution
SHA-256 | 1aaae42dcf775bae0172248b3082263a9ac732e19aa248d45bc4c3b2e68c7ed7
Firefox 50.0.1 ASM.JS JIT-Spray Remote Code Execution
Posted Jul 14, 2017
Authored by Rh0

Firefox version 50.0.1 full ASLR and DEP bypass exploit using ASM.JS JIT-spray.

tags | exploit
advisories | CVE-2016-9079, CVE-2017-5375
SHA-256 | 86cecd285d657c050c53a7f7a6a47081e1bc4db32994a106122cf7a3a0d39213
Apache Struts 2.3.x Showcase Remote Code Execution
Posted Jul 14, 2017
Authored by Vex Woo

Apache Struts 2.3.x Showcase remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2017-9791
SHA-256 | cd6e613e04931295e1cb05abb73544d2cbf655028faed41cdb86dc4dc0492257
Suricata IDPE 3.2.3
Posted Jul 14, 2017
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Multiple bugs addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | ad800e313ece9b4e4ef11b2bdfe15bd73d3c8e51833bc4466525b8f0d8ac86aa
Dasan Networks GPON ONT WiFi Router H64X Series System Config Download
Posted Jul 14, 2017
Authored by LiquidWorm | Site zeroscience.mk

Dasan Networks GPON ONT WiFi Router H64X Series suffers from a system configuration download vulnerability.

tags | exploit
SHA-256 | a627da9c1df890eec3dbf9c40fe603019d72bd3fa530fe22b040805a1417bfde
Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle
Posted Jul 14, 2017
Authored by MaXe

Orion Elite Hidden IP Browser Pro versions 1.0 through 7.9 have insecure versions of Tor and OpenSSL included and also suffer from man-in-the-middle vulnerabilities.

tags | exploit, vulnerability
SHA-256 | ea153ef267f8201a7355e376eb43cd29dc8fbd90d5353fe0f4d060beb44b2f07
Debian Security Advisory 3908-1
Posted Jul 14, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3908-1 - An integer overflow has been found in the HTTP range module of Nginx, a high-performance web and reverse proxy server, which may result in information disclosure.

tags | advisory, web, overflow, info disclosure
systems | linux, debian
advisories | CVE-2017-7529
SHA-256 | cd5d2384bd7687090fd755285606347e1b18cee5c52c2981199d70b0f3637271
Ubuntu Security Notice USN-3352-1
Posted Jul 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3352-1 - It was discovered that an integer overflow existed in the range filter feature of nginx. A remote attacker could use this to expose sensitive information.

tags | advisory, remote, overflow
systems | linux, ubuntu
advisories | CVE-2017-7529
SHA-256 | 600f498d7b4084bab728c07868e8b5a07ccd3733023e2b76c91ac8906d9da164
Ubuntu Security Notice USN-3351-1
Posted Jul 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3351-1 - Felix Wilhelm discovered that Evince did not safely invoke tar when handling tar comic book files. An attacker could use this to construct a malicious cbt comic book format file that, when opened in Evince, executes arbitrary code. Please note that this update disables support for cbt files in Evince.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-1000083
SHA-256 | 3fe5d19b26214d0b95ad2ff9a1f3a7333b9d4af545c0497976e300077f278004
Microsoft Windows COM Session Moniker Privilege Escalation
Posted Jul 14, 2017
Authored by James Forshaw, Google Security Research | Site metasploit.com

Microsoft Windows has a bad fix for the COM session moniker that can allow for elevation of privilege.

tags | advisory
systems | windows
advisories | CVE-2017-0298
SHA-256 | 0513905439fcd24b1c37ca2f061101e2c62f7d370913d6c5f709593e098f6c5d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close